Justin Massey

Software Security Engineer

About Me

Hello - I'm Justin Massey, a security engineer who constantly tries to find the medium ground in between security and usability. Easier said than done. Currently, I am employed at Datadog as a Product Security Engineer and I work in between the product security and engineering teams to ensure our customers are delivered a secure product. I enjoy traveling, running, skiing, and watching soccer.

Projects

I built this project to introduce application security departments and penetration testers to pytest, a python testing framework. This project contains some sample pytest scripts to run against a Mutillidae 1 web server, an intentionally vulnerable web application for learning the OWASP top 10. You can use these scripts to become familiar with the pytest framework and help you visualize some different ways to test for vulnerabilities which you may have found in your application in the past and ensure they aren't reintroduced into the code base.

Work Experience

As a Site Reliability Engineer, I packaged our custom software for the AWS Marketplace with continuous deployment technologies such as Jenkins, Ansible and Packer. I also provided support to our Production Operations team to debug issues with our hosted solution.

I worked on the application security team and my original role was to conduct penetration tests on Ionic's key management as a service platform. This included writing custom tooling to test our patented key exchange. For every vulnerability I identified, I wrote a test case which could be run in a continuous integration pipeline. In addition to conducting penetration tests, I sat on the Enterprise Architecture Board to provide input from the security department on new architecture designs and changes.

As a junior penetration tester, I was required to conduct 1-2 week internal/external network, web application and physical penetration tests. These tests were conducted for clients wanting best practice pentests as well as PCI and other compliance tests.

At Atlanta Networking and Computer Help (ANCH), I managed the technical operations of the managed service provider. This included managing our help desk technicians and contractors. Additionally, I was tasked to manage the customer relations and provide assistance in the sales process.

I began my first job as a Helpdesk Technician and provided support to our customers remotely and on site. Some tasks involved with the job were: malware removal, diagnosis network issues, configuring LANs and WLANs.

Basic Information

Skills

Web App Penetration TestingExpert

API Penetration TestingExpert

Network Penetration TestingExpert

PythonExpert

Testimonials

Justin is worth his weight in gold. I hired him as a junior penetration tester, and was pleasantly surprised to find that he could handle just about any security task I sent his way. He is also an all around good guy.